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further be concealed from the service provider via 
a process wherein encrypted information is used 
instead of the subscriber's normal identity. 
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MOBILE POSITIONING USING ENCRYPTED ID IN DATA NETWORK 
MESSAGES AND USING ALIASES IN CONNECTION WITH LOCATION 
BASED SERVICE APPLICATIONS 

5 Technical scope 

The present invention involves a process and a system for ensuring the 
integrity of position information regarding a mobile station in a communication 
networic for mobiie stations and in relation to a positioning service provider. 
The Invention addresses issues relating to privacy, authentication and security 
10 in connection with providing access to location information. 

Prior art 

A small number of systems for positioning are currently in operation. 
They are managed and used by telecom providers to offer services to their ' 
15 customers. A provider's customer requests a function, which is based on 
positioning of a telephone or telephones on the provider's networl<. 

A subscription telephone is directly linl<ed to a subscriber, and 
positioning a telephone is thereby a positioning of a physical person. The right 
to access this position information is critical, since the integrity of subscribers 
20 is directly connected to the possibility of controlling who can or may see their 
position. 

Telecom providers cannot currently produce position information as 
part of the extemal service provider's positioning solutions and simultaneously 
guarantee the integrity of the subscriber, unless the subscriber himself 

25 requests the positioning from his telephone and has logged on to the 
provider's portal with user identity and password. Such solutions entail 
additional steps in executing a positioning service and reduce tiie security. 

One part of the problem is that the mobile telephone is anonymous on 
the Internet, that is, there is no connection known to outsiders to the identity of 

30 the mobile telephone or subscriber, which is required in order to find the 
position of said mobile telephone. 
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Summary of the Invention 

The present invention intends to solve problems involved in mobile 
positioning with regard to the personal integrity of a user of a mobile 
telephone that is connected to a communications network of same, and to 
5 position the mobile telephone without having knowledge as to its identity 
outside of the operator's telephone network. The user of the mobile telephone 
is also the user of a positioning service and a subscriber of the telecom 
provider. 

In order to bring about said integrity, a process is specified for 
1 0 positioning of a mobile telephone in a communications network for mobile 
telephones and in relation to a positioning service provider. A first 
embodiment of "the Invention comprises the following steps: 

the positioning service provider's networtc computer authenticates the 
user by a log-in procedure; 
15 the user activates a* positioning procedure by sending an http-requesl 

to the positioning service provider's networic computer; 

the positioning sennce provider has an alias server which encrypts 
some of the user information with a code key that is only known to it, so as to 
obtain an alias, known as a service alias; 
20 said alias is used to request the position from a position proxy server; 

the position proxy server uses the service alias to lookup a second 
alias in a table, known as the operator alias; 

if the position proxy server finds said operator alias in the table. It uses 
It to select the operator and the following procedure is carried out: 
25 the position proxy server sends a request containing at least the 

operator alias to the selected operator's positioning platfonm in order to obtain 
the user's position; 

the operator's positioning platform receives said request; 
the positioning platform sends the operator alias to the alias serven 
30 the alias server decodes the received operator alias to obtain the 

subscriber's mobile telephone number and returns this to the positioning 
platform; 

the operator uses the mobile telephone number to obtain the position 
from the operator's positioning system; 
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the positioning platfonn returns tlie position to the position proxy 

server, 

the proxy server returns the position to the positioning sen/ice provider; 

the positioning sen/ice provider perfonns the application-related 
5 processing and returns the required infomnation to the user. 

A further embodiment of the invention handles the case when said step 
of the position proxy sen/er using the sen/ice alias to lookup the operator's 
alias in a table Is not successful. This means that the user has not initiated 
positionihg services with his operator. To initiate these positioning services, 
1 0 the following procedure is used: 

if the position proxy server does not find said operator alias in the table, 
the position proxy server returns an error message to the positioning sen^ice ' 
provider, containing a linic which can be used to initiate positioning services 
for the user; 

15 the positioning seivice provider generates a retum page to the user, 

containing among other things said lini^ and Infomiation so that the user can 
activate positioning services by activating said link; 

the user activates said link, which points to a resource at the position 
proxy server; 

20 the position proxy server registers the IP address assigned to the user. 

The IP address says which WAP gateway the user is hooked up to. There is a 
high likelihood that the WAP gateway is situated in the same country as the 
user's operator; 

the positioning proxy sender generates a page with operator links, 
25 based on said country, where the user himself can specify an operator; 

said operator links link to resources available from the selected 
operator; 

these operator links also contain a unique transaction number which is 
used to distinguish the sessions of the users; 
30 when the user specifies an operator by selecting one of said operator 

links, a network computer at the respective operator generates a page which 
is sent to the user; 

this page contains a fonm on which the subscriber indicates his mobile 
telephone number; 
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the user sends out the form to the operator's network computer; 
the operator's network computer receives the fomn and checks to make 
sure that the indicated mobile telephone number belongs to a subscriber in 
the operator's network; 
5 if the number does not belong to the operator, the user is directed back 

to the position proxy server to select a different operator; 

if the number belongs to the operator, the operator's network computer 
sends an SMS to the Indicated number; 

said SMS contains an identity number and any necessary instructions 
10 on how to use it; 

the operator's network computer also sends a page to the user with 
instructions so that the user can receive an SMS with a number that needs to 
be indicated on the same page; . 

the user receives said SMS and indicates said number on the page, 
1 5 and activates the link which sends the number; 

the operator's network computer receives said number; 
if the number matches, the operator's alias server encrypts said 
telephone number by means of an encryption key known only to the operator 
' and the operator's network computer sends the so. obtained operator alias 
20 together with said transaction number back to the position proxy server and 
directs the user back to the position proxy server, containing said transaction 
number; 

the proxy server receives said operator alias and transaction number 
and it stores said service alias together with said operator alias as one item in 
25 « a database; 

positioning services at the current positioning service provider are now 
activated for the user who can begin to use position-related services from the 
positioning service provider. 

In a further embodiment of the invention, the user activates the service 
30 via the network instead of the telephone. This embodiment functions in similar 
fashion, except that the IP address cannot be used to indicate which country 
the user's operator belongs to. In this case, the user also has to indicate the 
country before he indicates the operator. 
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In yet another embodiment of the invention, said step in which the 
position proxy server selects a country through the IP address has the further 
functionality of being able to directly select the connect operator. This is 
possible inasmuch as certain WAP gateways only allow subscribers from their 
5 own network to connect via them. If this is the case the step of operator 
selection by the user need not occur. The position proxy server keeps a list 
with WAP gateways that have the above characteristic. 

In yet another embodiment of the invention, a process is given for the 
operator to deactivate the positioning services for a particular subscriber. This 
10 occurs in that the operator's network computer sends a message to the 
position proxy server containing the operator alias conresponding to said 
subscriber and information as to which services, or service providers, are to 
be deactivated. The position proxy server removes the corresponding Items 
from the database. 

15 Ih yet another embodiment of the invention, said page, which contains 

a fomri on which the subscriber indicates his mobile telephone number is 
generated by the position proxy server instead of the operator's networic 
computer. However, in this case as well, the user sends but the form to the 
operator's networic computer. 

20 In yet another embodiment of the invention, said position proxy server 

is situated at the positioning service provider's premises. In this case, a 
service alias is not necessary. 

In yet another embodiment of the invention, said telephone number is 
kept at the position proxy server, instead of the alias. 

25 in yet another embodiment of the invention, infomiation deriving from 

the operator's alias is also kept at the positioning service provider. 

Another embodiment of the invention comprises the following steps: 
a user connects via WAP to a positioning sen/ice provider's network 
computer; 

30 the user activates a positioning procedure by sending a request to the 

positioning sendee provider's network computer via the operator's WAP 
gateway; 

said request is translated into a http-reqiiest in the WAP gateway; 
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the WAP gateway notes that the. request is a positioning request, since 
the contents of the http-request fulfill certain criteria, and then sends an 
inquiry as to which telephone number the subscriber has to the operator's 
dialup server; 

5 the WAP gateway encrypts the thus obtained telephone number 

together with the present time; 

the WAP gateway embeds the thus obtained encryption string into said 
http-request; 

the positioning service provider's network computer receives said http- 
10 request and uses the encryption string and the WAP gateway's source IP 
address to request the position from a position proxy server; 

the position proxy server selects an operator by means of the WAP 
gateway's source IP address, and requests the position from the operator's 
positioning platfomi; 

15 the operator's positioning platfomi decodes the encryption string to 

obtain the telephone number and time; 

the operator's positioning platfomi checks to make sure the obtained 
time is current, and in this way gets a validation that said request has recently 
been made by the subscriber; 
20 given a successful validation, the operator's positioning platfomi 

positions the subscriber and returns the position to the position proxy server; 

the proxy sen/er fonA/ards the position to the positioning service 
provider's networic computer; 

the positioning service provider's networt< computer generates a 
25 current page and retums this to the use 

A further embodiment of the Invention handles the situation where SMS Is 
used, and it comprises the following steps: 

a user sends an SMS to a particular number, which con'esponds to a 
positioning service at the positioning service provider; 
30 the operator's SMSC notes that the message is intended for a 

positioning service and encrypts the subscriber's telephone number along 
with the cu rent time; 

the thus obtained encryption string is embedded in the message; 
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the message is sent by the protocol used by the SMSC to a position 
proxy server; 

the position proxy server receives the message, unpaclcs the protocol 
used and requests the position from the operator's positioning platform by 
5 means of the encryption string; 

the operator's positioning platform decodes the encryption string to 
obtain the telephone number and time; 

the operator's positioning platfonn checks to make sure the obtained 
time is current, and in this way gets a validation that said request has recently 
1 0 been made by the subscriber; 

given a successful validation, the operator's positioning platform 
positions the subscriber and returns this to the position proxy sen/er; 

the position proxy server uses the thus obtained position to request 
information from the positioning sen/ice provider's network computer; 
15 based on the position, the positioning sen/Ice provider's network 

computer generates a reply containing relevant infonnation for the service; 

the position proxy server uses the thus obtained information to 
generate a reply which is sent to the subscriber via said SMSC, using the 
protocol employed by ttie SMSC. 
20 C In a further embodiment of the invention, the user's identity is 
encrypted by means of a proxy instead of the WAP gateway. This 
embodiment comprises the following steps: 

a user connects via WAP to a positioning sen/ice provider's network 
computer; 

25 the user activates a positioning procedure by sending a request 

intended for the positioning semce provider's network computer via the 
operator's WAP gateway; 

the positioning service provider's network computer has a special IP 
address which is used for all its positionlng-related services; 

30 " in the WAP gateway's routing table there is an item for the IP address 

which states that packets intended for the positioning service provider's 
network computer should first be sent to an http-proxy with a given, different, 
IP address; 

said request Is translated into an http-request in the WAP gateway; 
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the WAP gateway notes, by means of header infomiation, that the 
request is a positioning request and it then sends an inquiry as to which 
telephone number the subscriber has to the operator's call server; 

the WAP gateway Inserts the thus obtained telephone number in said 
5 http-request and sends the http-request on to said http-proxy; 

said http-proxy receives and temninates the http-request; 

said http-proxy makes sure there is conrect infonnation in the header 
information field on the TCP and IP level. In this way, the WAP gateway acts 
as if It has an http-session directly with the positioning sen^ice provider's 
10 network computer, while in reality it is said http-proxy, which handles all Its 
http-requests; 

said http-proxy detects that the http-request is positioning-related, 
since the http-requesf s contents fulfill certain criteria, and It extracts the 
telephone number; 

15 if this step is unsuccessful, the http-request is sent on to the final 

destination; 

if this step Is successful, said http-proxy encrypts the thus obtained 
telephone number along with the present time; 

said http-proxy embeds the thus obtained encryption string in a new 
20 http-request for the positioning sen/ice provider's network computer; 

the positioning service provider's network computer receives the http- 
request and uses the encryption string and the http-prox/s source IP address 
to request the position from a position proxy server; 

the position proxy server selects an operator based on the http-proxy's 
25 source IP address and requests the position from the operator's positioning 
platform; 

the operator's positioning platform decodes the encryption string to 
obtain the telephone number and time; 

the operator's positioning platform checks to make sure the obtained 
30 time is current, and in this way gets a validation that said request was recently 
made by the subscriber; 

given a successful validation, the operator's positioning platform 
positions the subscriber and returns this to the position proxy server; 
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the proxy server forwards the .position on to the positioning sen^ice 
provider's networ[< computer; 

the positioning service provider's network computer generates a 
current page and retums this to the user. 
5 In yet another embodiment of the invention, the position proxy server 

handles operators that do not have automatic positioning or connection to the 
position proxy server by Instead directing the user to resources at the position 
proxy server, which help the user to indicate his position manually. This 
manual position entry can occur, for example, by giving one's address. 
10 In a further embodiment of the invention, the SMS situation is handled 

In which the encryption Is done by means of a proxy instead of at the SMSC. 
This embodiment comprises the following steps: 

a user sends an SMS to a particular number, corresponding to a 
positioning service at the positioning service provider; 
15 at the SMSC, there is data present which indicates that all SMS 

messages to the number which corresponds to particular positioning services 
will be sent to a proxy, with a given IP address; 

said proxy receives the message from the SMSC and terminates the 
protocol used outwardly by the SMSC; 
20 between the proxy and the position proxy server, a protocol is used 

which may possibly be a different protocol than that used by the SMSC; 

said proxy extracts the subscriber's telephone number from the 
received message and converts it, with the current time, Into an encryption 
string; 

25 this encryption string Is embedded In a request and said proxy sends 

this message to the position proxy server, 

the position proxy server receives the message, unpacks the protocol 

used, and requests the position from the operator's positioning platform by 

means of the encryption string; 
30 the operator's positioning platform decodes the encryption string to 

obtain the telephone number and time; 

the operator's positioning platform checks to make sure that the 

received time is current, and in this way gets a validation that said request has 

recently been made by the subscriber; 
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given a successful validation,, tlie operator's positioning platform 
positions the subscriber and returns this to the position proxy sen/er; 

the position proxy server uses the thus obtained position to request 
infonnation from the positioning sendee provider's network computer; 
5 based on the position, the positioning service provider's network 

computer generates a reply containing information relevant to the service; 

the position proxy sen/er uses the thus obtained information to 
generate a reply which is sent to the subscriber via said SMSC, using the 
protocol employed forSMSC. 
10 In a further embodiment of the invention, the situation is handled in 

which the method is used for authentication of purposes other than 
positioning. This embodiment is similar to the above-described methods; ^ 
except that an activity other than positioning is carried out. 

In another embodiment of the invention, the situation is handled where 
1 5 the position proxy sen/er is situated at the positioning service provider. 

In another embodiment of the invention, the situation is handled where 
information other than the time is encrypted together with the telephone 
number. 

In another embodiment of the invention, the situation is handled where 
20 extra information is embedded in the request to the positioning service 
provider so as to uniquely distinguish the user. This information, for example, 
may consist of an encrypted telephone number. r 

Brief Description of the Drawings 
25 Further, the text of the description refers consecutively to the attached 

figures .for a better understanding of the present invention and its 
embodiments or exemplifications, where: 

Fig. 1 illustrates one embodiment of a system for ensuring the integrity 
of position infonmation in accordance with the present invention; 
30 Fig 2 illustrates another embodiment of a system for ensuring the 

integrity of position infonnation in accordance with the present invention; 

Fig 3 illustrates one embodiment of a system for ensuring the integrity 
of position information in connection with WAP sen/ices in accordance with 
the present invention; and 
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Fig. 4 illustrates another embodiment of a system for ensuring the 
integrity of position information in connection with WAP services in 
accordance with the present invention; and 



Figure 1 illustrates a system of integrity positioning of mobile 
telephones. The user 120 connects via his mobile telephone 115 via the 
telecom provider's telephone network 130 and Intemet 140 to a positioning 
service provider's network computer 102. The user 120 activates a positioning 

10 service by sending a request to the positioning service provider's network 
computer .102* The positioning service provider's network computer 102 
sends the user's identity to an alias server 101 via a request 110. The alias 
server 101 encrypts the user's Identity with an encryption key and sends the 
resulting service alias back (111) to the positioning service provider's network 

15 computer 102. The positioning service provider's network computer 102 
sends a request 112 to a position proxy server 202, containing at least the 
sen/ice alias and Infomnation about the current positioning service. 
The proxy server uses the received service alias to obtain a previously saved, 
corresponding operator alias from a look-up in a database 201. The position 

20 proxy server 202 uses the obtained operator alias to request the position from 
the operator 300. The operator's positioning platform 302 receives said 
request. The operator's positioning platform 302 sends the operator alias to 
an alias server 301 . The alias sen/er 301 decodes the operator alias to obtain 
the user's telephone number. The alias server 301 sends back the telephone 

25 number to the positioning platfomn 302. The operator's positioning platform 
302 uses the so obtained telephone number to request the position from the 
operator's positioning system 400. The so obtained position is sent back to 
the position proxy server 202, which in turn sends the position back to the 
positioning service provider's network computer 102. The positioning service 

30 provider's network computer 102 generates a page with position-related 
content, which is sent to the user 1 20. 

Figure 2 illustrates a system for integrity positioning of mobile 
telephones. In particular, figure 2 illustrates the procedure when the user 120 
has not previously used the positioning services of the current positioning 
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service provider 100. The user 120 cx)nnects through the telecom provider's 
telephone network 130 and Internet 140 to a positioning sen/ice provider's 
network computer 102. The^ user 120 activates a positioning service by 
sending, a request to the positioning sen^ice provider's network computer 102 

5 which sends the user's identity to an alias sen/er 101 via a request 110. The 
alias server 101 encrypts the user's identity with an encryption key and sends 
back (111) the resulting service alias to the positioning service provider's 
network computer 102. The positioning service provider's network computer 
102 sends an http-request 112 to a position proxy server 202, containing at 

10 least the service alias and infonnation about the current positioning service. 

The proxy server 202 uses the received service alias to try to obtain a 
corresponding operator alias from a look-up In a database 201. If this 
database look-up is unsuccessful, it means that the user has not Initiated 
positioning services from the current positioning service provider. If such is 

15 the case, the procedure described hereafter Is canied out. The proxy server 
202 replies to said request from the positioning service provider's network 
computer 102. The reply contains information to the effect that the positioning 
service must be initiated for the cun^ent user,' along with sufficient information 
about how this initialization can be done. Normally, thiis information consists of 

20 a link, which the user can activate to cany out said initialization. The 
positioning service provider's network computer 102 generates a reply to the 
user's telephone 115, containing a link that points to a resource 203 at the 
position proxy sender. As an alternative, the user 120 is automatically directed 
on to the same resource 203. The user 120 activates said link, the position 

25 proxy server generates the network page corresponding to the resource 203 
which con-esponds to said link and the network page is returned to the user's 
telephone 115. Said network page 203 contains a choice of operator. The 
user activates the link corresponding to the same operator. This link points to 
a resource situated at the conresponding operator's network computer 303. 

30 This resource consists of a page where the user 120 has to enter his 
telephone number. When the user 120 has provided his telephone number 
and returns it to the operator's network computer 303, the operator first 
checks whether the telephone number belongs to the operator by a look-up in 
the database 306. If the telephone number does not belong to the operator 
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300, the user can either enter his telephone number again or the user Is also 
directed back to the network page 203. If the telephone number belongs to 
the operator, the operator sends an SMS via the SMS center 304, containing 
an identity code to said telephone number. The operator also sends a network 
5 page to the user. When the user 120 has received the SMS message, he 
enters the identity code on the network page that was retumed when he sent 
the telephone number. The user sends back the Identity code to the 
operator's network computer 303. The operator's network computer receives 
the identity code and checks its authenticity. If the identity code matches, the 

10 user's subscriber number is established. In such case, the operator's network 
computer sends the subscriber number to an alias server 301 . The alias 
server 301 encrypts the subscriber number, making use of an encryption key 
known only to the operator 300, and returns the so obtained operator alias to 
the operator's network computer 303. The operator's network computer 303 

15 sends a message 317 to the position proxy server 202 about the established 
operator alias. The operator's network computer also directs the user to a 
previously determined return address. The position proxy server 202 saves 
said operator alias together with said service alias In the database 201 . In the 
above procedure, the subscriber's identity never leaves the telecom provider's 

20 network. Consequently, the personal integrity of the user is not compromised. 

Figure 3 illustrates a system for Integrity positioning of mobile 
telephones via WAP services. The user connects through his mobile 
telephone 1101 via the telecom provider's telephone network 1120 and the 
Internet 1130 to a positioning service provider's network computer 1132. The 

25 user 1101 activates a positioning service by sending a request to the 
positioning service provider's network computer 1132. The positioning service 
provider's network computer 1132 has a special IP address that is used for all 
its positioning-related services. The WAP gateway's 1104 routing table 
contains an item for the IP address, indicating that packets intended for the 

30 positioning service provider's network computer 1132 should first be sent to 
an http-proxy 1105 with a particular, different, IP address. Said request is 
converted in the WAP gateway 1104 into an http-request. The WAP gateway 
1104 notices by means of header Information in said http-request that the 
request Is a positioning request and It then sends an inquiry as to which 
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telephone number the subscriber has to the operator's call server. The WAP 
gateway 1104 inserts the thus obtained telephone number into said http- 
request and sends the http-request on to said http-proxy 1105. Said http- 
proxy 1105 receives and terminates the http-request. Said http-proxy 1105 
5 makes sure that connect infonmation is found in the header information field on 
the TCP and IP level. In this way, the WAP gateway acts as if it has an http- 
session directly with the positioning service provider's network computer 
1132, while in reality it is said http-proxy 1105, which handles all its http- 
requests. Said http-proxy 1105 detects that the http-request is positioning- 

1 0 related and extracts the telephone number. If this step fails, the http-request is 
sent on to the final destination via the router 1106. If this step is successful, 
said http-proxy 1105 encrypts the thus obtained telephone number together 
with the current time. Said http-proxy embeds the thus obtained encryption 
string in the http-request to the positioning sen/ice provider's network 

15 computer 1132. The positioning service provider's network computer 1132 
receives the http-request and uses the encryption string and the http-proxy's 
source IP address to request the position from a position proxy server 1131. 
The position proxy sen/er 1 131 selects an operator based on the http-proxy 's 
source IP address and requests the position from the operator's positioning 

20 platform. The operator's positioning, platform 1107 decodes the encryption 
string to obtain the telephone number and time. The operator's positioning 
platfomn 1107 checks to make sure the obtained time Is cun-ent, and in this 
way it gets a validation that said request has recently been made by the 
subscriber. Given a successful validation, the operator's positioning platform 

25 positions the subscriber and returns this to the position proxy server 1131. 
The position proxy server 1 131 fonwards the position to the positioning service 
provider's networic computer 1132. The positioning service provider's network 
computer 1 132 generates a current page and returns this to the user 1 101 . 
Figure 4 illustrates a system for Integrity positioning of mobile 

30 telephones via SMS sendees. The user 1201 sends an SMS to a particular 
number, which con^esponds to a positioning service at the positioning service 
provider 1232. The SMSC 1204 has data which states that all SMS messages 
to the number coaesponding to this positioning service are intended for an 
SMS-proxy 1205, located within the operator's firewalls. Said SMS-proxy 
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1205 receives the message from SM[SC1204 and terminates the protocol 
used outwardly by the SMSC. Between the SMS-proxy 1205 and the position 
proxy server 1231, a protocol is used which can be a protocol different from 
that used by the SMSC 1204. Said SMS-proxy 1205 extracts the subscriber's 
5 telephone number from the received message and converts it along with the 
current time into an encryption string. This encryption string is inserted into a 
request and said SMS-proxy sends this message to the position proxy server 
1231. 

The position proxy sender 1231 receives the message, unpacks the 

10 protocol used, and requests the position from the operator's positioning 
piatfomi by means of the encryption string. The operator's positioning platform 
1207 decodes the encryption string to obtain the telephone number and time. 
The operator's positioning piatfomi 1207 checks to make sure the received 
time is current, and in this way gets a validation that said request has recently 

15 been made by the subscriber 1201. Given a successful validation, the 
operator's positioning platform 1207 positions the subscriber and returns this 
td the position proxy server 1231. The position proxy server 1231 uses the 
thus obtained position to request information from the positioning service 
provider's network computer 1232. Based on the position, the positioning 

20 service provider's network computer 1232 generates a reply containing 
infonmation relevant to the sennce. The position proxy server 1231 uses the 
thus obtained infonmation to generate a reply, which is sent to the subscriber 
via said SMS-proxy 1205 and the SMSC 1204. 

In the above procedure, the subscriber's identity never leaves the 

25 telecom provider's network. Consequently, the personal integrity of the user is 
not compromised. 

The present invention has been described here with examples and 
embodiments, but it is the attached claims that define additional embodiments 
for a specialist in the technical field. 



30 
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Patent Claims 

1. Process for integrity positioning of a mobile teleptione in a 
communications networlc for mobile telephones and in relation to a positioning 
sen/ice provider, characterized in tliat it contains the following steps: 

5 . a subscriber in said communications networI< connects to a network 

page of said positioning service provider in an open computer network, which 
offers a positioning service; 

said subscriber activates a positioning procedure by sending a request 
to said positioning service; 
10 said positioning service converts said subscriber's unique user 

information at the positioning service provider into a sen/ice alias; 

the positioning service provider's network computer requests said ' 
subscriber's position from a proxy server by means of said service alias; 

said proxy server converts said service alias into an operator alias by 
1 5 performing a look-up in a database; 

said proxy server requests said subscriber's position from said operator 
by meand of said operator alias; 

said operator converts said operator alias into a subscriber identity that 
is unique to the operator; 
20 said operator positions said subscriber by means of said unique 

subscriber identity; 

said operator returns the thus obtained position to said proxy server; 
said proxy server retums said position to said positioning service 
provider's network computer; 
25 said positioning service generates a position-related networi< page and 

returns it to the subscriber's mobile telephone. 

2. Process for deactivation of integrity positioning of a mobile telephone 
in a communications network for mobile telephones and in relation to. a 

30 positioning service provider, characterized in that it contains the following 
steps: 

a subscriber in said communications network connects to a first 
network page at said positioning sen/ice provider in an open computer 
networi<, which offers a positioning service; 



# 
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20 



said subscriber activates a positioning procedure by sending a request 
to said positioning service; 

said positioning service converts said subscriber's unique user 
infomiation at said positioning service provider into a service alias; 

the positioning service provider's network computer requests said 
subscriber's position from a proxy server by means of said service alias; 

said proxy server, by performing a database look-up, notes that there is 
no existing operator alias con^esponding to said service alias; 

said subscriber is directed to a second network page where the choice 
of an operator occurs; 

said subscriber is directed to a third network page where the telephone 
number is entered; " 

said operator checks to make sure that said entered telephone number 
belongs to said operator; 

if said check is successful, said operator sends an SMS containing 
unique infomnatlon to said entered telephone number; 

said subscriber receives said SMS and enters said unique infomnatlon 
on a fourth network page; 

the operator makes a second check to make sure that said subscriber 
has correctly entered said unique infonmation; 

if said second check is successful, said operator converts a subscriber 
identity that is unique to said operator into a unique operator alias; 

said operator fonvards said operator alias to said proxy server; 

said proxy server saves said sen/ice alias together with said operator 
alias in said database. 

3. Process according to claim 1 , characterized in that said conversion 
of said unique user Information occurs by means of encryption. 

4. Process according to claim 2, characterized in that said conversion 
of said unique user infomnation occurs by means of encryption. 



5. Process according to claim 1 , characterized in that said conversion 
of said unique user infonmation occurs by means of a database look-up. 



# 



WO 02/49380 



PCT/USOl/48518 



18 



6. Process according to claim 2, characterized in that said conversion 
of said unique user information occurs by means of a database look-up. 

7. Process according to claim 1, 3 or 5, characterized In tliat said 
5 conversion of said operator alias occurs by means of decoding. 

8. Process according to claim 1, 3 or 5, characterized in that said 
conversion of said operator alias occurs by means of a database lool<-up. 

10 9. Process according to claim 2, 4 or 6, characterized in that said 

conversion of said subscriber identity occurs by means of encryption. 

10. Process according to claim 2, 4 or 6, characterized in that said 
conversion of said subscriber identity occurs by means of a database. 



11. Process according to claim 2, 4, 6, 9 or 10, characterized in that 
said operator choice is facilitated by using the subscriber's IP address. 

12. Process according to claim 2, 4, 6, 9 or 10, characterized in that 
20 said operator choice is done automatically by using the subscriber's IP 

address and knowledge about a particular configuration of the WAP gateway. 



In that one or more of said checks of telephone number, said sending of SMS, 
25 or said second checks occurs at the proxy server. 

14. Process according to claim 1, 5 or 8, characterized in that said 
operator alias consists of the subscriber's telephone number. 



15 



13. Process according to claim 2, 4, 6, 9, 10, 11 or 12, characterized 



30 



"15. Process according to claim 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 
14 or 15, characterized in that one or more of said proxy server's functions Is 
situated at said positioning service provider. 
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16. Process according to claim 2, 4 or 6, characterized in that the 
subscriber, instead of initializing the positioning service, is directed to a 
network page where said subscriber is positioned manually. 



telephone in a communications networl< for mobile telephones and in relation 
to a positioning service provider, characterized in that it contains the 
following steps: 

an operator sends a message to a proxy server, containing an operator 
10 alias, as well as an order to deactivate the positioning at said positioning 
service provider for the subscriber corresponding to said operator alias; 

said proxy server removes the service alias corresponding to said 
operator alias and said positioning service provider from the database. 

15 18. System for Integrity positioning of a mobile telephone in a 

communications network for mobile telephones and In relation to a positioning 
service provider, characterized in that it contains the following steps: 

a subscriber in said communications network connects to a network 
page of said positioning service provider in an open computer network, which 
20 . offers a positioning service; 

said subscriber activates a positioning procedure by sending a request 
to said positioning sen/ice; 

said positioning service converts said subscriber's unique user 
information at the positioning service provider into a service alias; 
25 the positioning service provider's network computer requests said 

subscriber's position from a proxy server by means of said service alias; 

said proxy server converts said service alias into an operator alias by 
doing a database look-up; 

said proxy server requests said subscriber's position from said operator 
30 by means of said operator alias; 

said operator converts said operator alias into a subscriber identity that 
is unique to the operator; 

said operator positions said subscriber by means of said unique 
subscriber identity; 



17. Process for deactivation of integrity positioning of a mobile 
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said operator returns the position to said proxy server; 
said proxy server returns the position to said positioning service 
provider's netwoi1< computer; 

said positioning sen/ice generates a position-related network page and 
5 returns it to the subscriber's mobile telephone. 

19. System for deactivation of integrity positioning of a mobile 
telephone in a communications network for mobile telephones and in relation 
to a positioning service provider, characterized In that It contains the 
10 following steps: 

a subscriber in said communications network connects to a first 
networi< page at said positioning service provider in an open computer 
networtc, which offers a positioning service; 

said subscriber activates a positioning procedure by sending a request 
1 5 to said positioning sen^ice; 

said positioning service converts said subscriber's unique user 
Infomnatlon at said positlpning service provider into a service alias; 

the positioning sen^ice provider's networi< computer requests said 
subscriber's position from a proxy server by means of said sen/ice alias; 
20 said proxy server, by doing a database look-up, notes that there is no 

such operator alias existing that corresponds to said service alias; 

said subscriber is directed to a second network page where choice of 
an operator occurs; 

said subscriber is directed to a third networic page where entry of the 
25 telephone number occurs; 

said operator checks to make sure that said entered telephone number 
belongs to said operator; 

if said check is successful, said operator sends an SMS containing 
unique infonmation to said entered telephone number; 
30 said subscriber receives said SMS and enters said unique Information 

on a fourth networic page; 

the operator makes a second check that said subscriber has correctly 
entered said unique information; 
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if said second check is successful, said operator converts a unique 
subscriber identity for said operator into a unique operator alias; 

said operator forwards said operator alias on to said proxy server; 
said proxy server saves said service alias along with said operator 
5 alias in said database. 

20. System according to claim 18, characterized in that said 
conversion of said unique user infomnation occurs by means of encryption. 

10 21. System according to claim 19, characterized in that said 

conversion of said unique user infonnation occurs by means of encryption. 

22. System according to claim 18, characterized in that said 
conversion of said unique user information occurs by means of a database 

15 look-up. 

23. System according to claim 19, characterized in that said 
conversion occurs by means of a database loolc-up. 

20 24. System according to claim 18, 20 or 22, characterized In that said 

conversion of said operator alias occurs by means of decoding. 

25. System according to claim 18, 20 or 22, characterized in that said 
convdrsion of said operator alias occurs by means of a database look-up. 

25 

26. System according to claim 19, 21 or 23, characterized in that said 
conversion of said subscriber identity occurs by means of encryption. 

27. System according to claim 19, 21, or 23, characterized in that said 
30 conversion of said subscriber Identity occurs by means of a database. 



28. System according to claim 19, 21, 23 or 26, characterized in that 
said operator selection is facilitated by using the subscriber's IP address. 
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29. System according to claim 19, 21, 23 or 26, characterized in that 
said operator choice Is done automatically by using the subscriber's IP 
address and knowledge about a particular configuration of the WAP gateway. 

5 30. System according to claim 1 9, 21 , 23, 26, 27 or 28, characterized 

in that one or more of said checks of telephone number, said sending of SMS 
or said second checks takes place at the proxy server. 

31 . System according to claim 18, 22 or 25, characterized In that said 
1 0 operator alias consists of the subscriber's telephone number. 

32. System according to claim 18. 19, 20, 21, 22, 23, 24, 25, 26, 27 28, 
29, 30 or 31. characterized in that one pr more of said proxy server's 
functions are situated at said positioning service provider. 

15 

33. System according to claim 19,21, 23, 26, 27 or 28, characterised 
in that the subscriber, instead of initializing the positioning service, is directed 
to a network page where said subscriber is positioned manually. 

20 34. System for deactivation of integrity positioning of a mobile 

telephone in a communications network for mobile telephones and in relation 
to a positioning sen^ice provider, characterized in that it includes the 
following steps: 

an operator sends a message to a proxy server containing an operator 
25 alias and an order to deactivate the positioning at said positioning service 
provider for the subscriber con^esponding to said operator alias; 

said proxy server removes the sen/lce alias conresponding to said 
operator alias and said positioning service provider from the database. 

30 35- Process for integrity-protected sennce usage by a mobile telephone 

in an operator's communication network for mobile telephones and in relation 
to a service provider, characterized in that it contains the following steps: 
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a subscriber in said communications network connects to a network 
page of said service provider in an open computer network, which offers a 
service; 

said subscriber activates a service procedure by sending a request 
5 intended for said service; 

information about the subscriber's telephone number is procured In 
said communications network and inserted into said request; 

in said request, said telephone number is replaced by the jointly 
encrypted telephone number and context information, and extra encrypted 
10 information 

said service provider's network computer receives said request; 

said service provider's networi< computer requests service infonnation 
from a proxy sen/er; 

said request contains said jointly encrypted telephone number and 
15 context information, and infonmation regarding said request; 

said proxy sen/er detects the operator to which said subscriber is 
connected, by means of said infomnation concerning said request, and 
switches said request to said operator's service platform; 

said operator's said service platfomn extracts the telephone number 
20 and context information by decoding said jointly encrypted telephone number 
and context infonmation; 

said operator's said serAce platform validates that said context 
information is cun-ent and that said telephone number is relevant; 

said operator's said service platfonn extracts said sen/ice information; 
25 said operator returns said service information to said proxy server; 

said proxy server provides said service infomnation to said service 
provider's networic computer; 

said service provider's network computer uses said service information 
and generates a reply and retums it to said subscriber. 

30 

36. Process for integrity-protected sen/ice usage by a mobile telephone 
in an operator's communications networic for mobile telephones and in relation 
to a service provider, characterized in that it comprises the following steps: 
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a subscriber in said communications network activates a sen/ice at 
said service provider by sending an SMS to a predetermined number; 

said SMS is handled by said operator's SMSC; 

information about the subscriber's telephone number is procured in 
5 said communications network and inserted into a first protocol used by the 
SMSC; 

said first protocol is replaced by a second protocol where said 
telephone number is replaced by the jointly encrypted telephone number and 
context information, as well as extra encrypted information; 
10 a proxy server handles said SMS by implementing said second 

protocol and receives a corresponding message; 

said message contains at least said jointly encrypted said telephone 
number and context Information, said extra encrypted Infonnation, and the 
text from said SMS; 

15 said proxy server requests s,ervice information from the operator's 

sen/ice platform, containing at least said jointly encrypted telephone number 
and context information; 

said operator's said service platform extracts the telephone number 
and context infonnation by decoding said jointly encrypted telephone number 
20 and context infonnation; 

said operator's said service platform validates that said context 
information is current and that said telephone number is relevant; 

said operator's said service platfonti extracts said sen^ice information; 
. said operator returns said service information to said proxy sender; 
25 said position proxy server sends a request to said service provider's 

network computer, containing at least said service Infonnation; 

said service provider's network computer generates a reply and returns 
it to said position proxy sender; 

the proxy server fonA^ards said reply on to said subscriber by sending 
30 an SMS. 

37. Process according to claim 35, characterized in that said 
replacement of said jointly encrypted telephone number and context 
information and extra encrypted information occurs in the WAP gateway. 
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38. Process according to claim 35, characterized in that said 
replacement of said jointly encrypted telephone number and context 
information and extra encrypted information occurs in a separate proxy 

5 server. 

39. Process according to claim 35, 37 or 38, characterized in that said 
Infonnation concerning said request consists of said requests sender IP 
address. 

10 

40. Process according to claim 36, characterized' in that said 
replacement with a second protocoi, where said telephone number is replaced 
with jointly encrypted telephone number and context information and extra 
encrypted Information, occurs at the SMSC. 

15 

41. Process according to claim 36 characterized In that said 
replacement with a second protocol, where said telephone number Is replaced 
with Jointly encrypted telephone number and context infonnation and extra 
encrypted information, occurs in a separate proxy server. 

20 

42. Process according to claim 35, 36, 37, 38. 39, 40 or 41, 
characterized in that said service usage is a positioning service usage, said 
service provider is a positioning service provider, said service is a positioning 
sen/ice, said sen/ice infonnation Is the position, said proxy server is a position 

25 proxy server and said service platfonn is a positioning platform. 

43. Process according to claim 35, 36, 37, 38, 39, 40i 41 or 42 
characterized in that said position proxy server is implemented in one of said 
service provider's network computers. 

30 

44. Process according to claim 35, 36, 37, 38, 39, 40, 41, 42 or 43 
characterized in that said context information is the current time. 
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45. Process according to claim .35, 36, 37, 38, 39, 40, 41, 42, 43, or 44 
characterized in that said extra information consists of said telephone 
number, encrypted. 

5 46. System for integrity-protected service usage by a mobile telephone 

in an operator's communications network for mobile telephones and in relation 
to a service provider, characterized in that it comprises the following steps: 

a subscriber in said communications networl^ connects to a network 
page of said service provider in an open computer network, which offers a 
10 service; 

said subscriber activates a service procedure by sending a request 
intended for said sen/ice; 

information about the subscriber's telephone number is procured in 
said communications network and inserted into said request; 
15 in said request, said telephone number is replaced by the jointly 

encrypted telephone number and context information, and extra encrypted 
infomiation; 

said service provider's network computer receives said request; 

said sen/ice provider's network computer requests service infomiation 
20 from a proxy server; 

said request contains said jointly encrypted telephone number and 
context infomiation, and information regarding said request; 

said proxy server detects the operator to which said subscriber is 
connected, by means of said infomiation concerning said request, and 
25 switches said request to said operator's service platform; 

said operator's said service platform extracts the telephone number 
and context infonmation by decoding said jointly encrypted telephone number 
and context information; 

said operator's said sen/ice platfonm validates that said context 
30 inforrnation is cun^ent and that said telephone number is relevant, 

said operator's said service platform extracts said service information; 

said operator returns said service infomiation to said proxy sen/er; 

said proxy server provides said service information to said service 
provider's network computer; 
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said service provider's network computer uses said service information 
and generates a reply and retums it to said subscriber. 

47. System for integrity-protected service usage by a mobile telephone 
5 in an operator's communications network for mobile telepliones and in relation 
to a service provider, characterized in tfiat it comprises tlie following steps: 

a subscriber in said communications network activates a service at 
said sen/ice provider by sending an SMS to a predetermined number; 
said SIVIS is handled by said operator's SI\/1SC; 
10 information about the subscriber's telephone number is procured in 

said communications network and inserted into a first protocol used by the 
SMSC; 

said first protocol is replaced by a second protocol where said 
telephone number is replaced by the jointly encrypted telephone number and 
15 context information, as well as extra encrypted infomnation; 

a proxy server handles said SMS by implementing said second 
protocol and receives a corresponding message; 

said message contains at least said jointly encrypted said telephone 
number and context information, said extra encrypted infonnnation, and the 
20 text from said SMS; 

said proxy server requests service Information from the operator's 
service platform, containing at least said jointly encrypted telephone number 
and context infomiation; 

said operator's said sen/ice platform extracts the telephone number 
25 and context Infonnation by decoding said jointly encrypted telephone number 
and context Information; 

said operator's said sen/ice platfomri validates that said context 
infomnation is cunrent and that said telephone number is relevant; 

said operator's said service platfomn extracts said sendee information; 
30 said operator retums said service information to said proxy sen/er; 

said position proxy sender sends a request to said service provider's 
network computer, containing at least said sen^'ce infonmation; 

said service provider's network computer generates a reply and retums 
it to said position proxy server; 
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the proxy server forwards said reply on to said subscriber by sending 
an SMS: 

48. System according to claim 46, characterized in that said 
5 replacement of said jointly encrypted telephone number and context 

information and extra encrypted information occurs in the WAP gateway. 

49. System according to claim 46, characterized in that said 
replacement of said jointly encrypted telephone number and context 

10 information and extra encrypted information occurs in a separate proxy 
server. 

50. System according to claim 46, 48 or 49, characterized in that said 
information concerning said request consists of said request's sender IP 

15 address. 

51. System according to claim 47, characterized in that said 
replacement with a second protocol, where said telephone number is replaced 
with jointly encrypted telephone number and context infonnation and extra 

20 encrypted information, occurs at the SI\/ISC. 

52. System according to claim 47, characterized in that said 
replacement with a second protocol, where said telephone number is replaced 
with jointly encrypted telephone number and context infomnation and extra 

25 encrypted information, occurs In a separate proxy sender. 

53. System according to claim 46. 47, 48, 49, 50, 51, or 52 
characterized in that said semce usage is a positioning sen^ice usage, said 
service provider is a positioning service provider, said service is a positioning 

30 service, said service information is the position, said proxy server is a position 
proxy sen/er and said sendee platfonn is a positioning platform. 
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54. System according to claim 46, 47, 48, 49, 50, 51, 52 or 53, 
characterized In that said position proxy server is implemented in one of said 
service provider's network computers. 

5 55. System according to claim 46, 47, 48, 49, 50, 51, 52, 53 or 54, 

characterized In that said context infomnation is the current time. 



56. System according to claim 46, 47, 48, 49, 50, 51 , 52, 53, 54 or 55, 
characterized in that said extra infomnation consists of said telephone 
1 0 number, encrypted. 
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